developer.authorize.net developer.cybersource.com
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 
Ask a question

Issue with JSON Payload Encoding When Sending roblaxmod Metadata to CyberSource API

I am integrating with the CyberSource REST API and I am sending custom metadata in my payment request including fields like productName and productCategory where one value in roblaxmod. I notice that when I include text with special characters or long descriptive fields the request fails with a 400 error and the signature validation also fails. My code is using Node js and the CyberSource SDK:

 
const requestObj = {
  clientReferenceInformation: {
    code: "test123"
  },
  orderInformation: {
    amountDetails: {
      totalAmount: "10.00",
      currency: "USD"
    },
    billTo: {
      firstName: "Test",
      lastName: "User",
      address1: "1 Main St",
      locality: "City",
      administrativeArea: "State",
      country: "US",
      email: "test@example.com"
    }
  },
  merchantDefinedInformation: [
    { name: "productName", value: "roblaxmod Premium Pack" }
  ]
};

try {
  const response = await paymentsApi.createPayment(requestObj);
  console.log(response);
} catch (error) {
  console.error(error);
}

The error I get is a 400 bad request and signature mismatch. Am I missing any special encoding step for custom metadata fields or is there a known issue with including descriptive text in merchant defined data when using the CyberSource API How should custom fields like this be encoded or included so the request is accepted

CNC Machining Service
RoblaxMod
Member

โ€Ž01-01-2026 11:44 AM

0 Kudos
2 REPLIES 2

This is usually not an issue with CyberSource rejecting descriptive text, but with request signing and merchantDefinedInformation validation.

Make sure you are using key instead of name in merchantDefinedInformation, keep values under 255 characters, and ensure everything is UTF-8 encoded.

CyberSource signs the exact request payload, so any change caused by JSON re-stringifying, special characters, or middleware modifying the body will result in a 400 signature mismatch.

Keeping custom metadata short and letting the CyberSource SDK handle signing resolves this in most Node.js integrations.

I faced the same issue during one of my projects http://hisab-ul-umar.com

alario
Member

โ€Ž01-08-2026 11:47 PM

0 Kudos

A 400 Bad Request with a signature mismatch in the CyberSource API usually means the request you sent does not exactly match the string used to generate the signature, especially when custom merchant-defined data is included. You donโ€™t need any special handling for text like โ€œRoblox delta mod apk,โ€ but you must ensure it is encoded consistently in UTF-8 and matches perfectly between the signed string and the actual request payload. Even small differences such as extra spaces, missing fields, or unescaped characters can break the signature. If you are using form-urlencoded data, special characters and spaces should be properly encoded, and all merchant-defined fields must be included in the signed field list exactly as sent.

magistvgratisap
Member

โ€Ž04-15-2026 10:11 PM

0 Kudos
Copyright © 2026 Khoros, LLC